If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War

Yes, this article specifically rated enterprise software, but for some reason SpyBot Search & Destroy was mentioned in a couple places. Odd.

Yes, shallow article. From an enterprise perspective, the review would only cause more confusion than anything when trying to evaluate the various products. They kind of glossed over the criteria and who did what in each category. I was left feeling a bit underfed, and I don't feel confident in their "winner."

But, enterprise level anti-spyware is still a somewhat new area, so I suspect we'll see better, more complete reviews in the future. Maybe not from ZDNet.

Nihil: I'd like to know how you think the article is shallow if you didn't even look at the Testing Methodology....

To say it's shallow because it's entirely enterprise level Anti-spyware is pretty.. hrm.. pathetic... More and more enterprises are looking for Centralized Anti-Spyware solutions... and most enterprises won't accept free alternatives... Besides where have you seen a Free Centralized Anti-Spyware (Side Note: is it acceptable to abbr. Anti-Spyware as AS just as with do with AV?... ).... perhaps one that's even AD Integrated and easily deployed across 1000s of machines?

I think that rapier has a point in that they glossed over things, but they didn't do a bad job, they outlined the tests.. just didn't give the details... they also only mentioned the top result in each category... The problem I had was that their "winner" seemed to be solely on malware that was detected and like rapier I don't feel confident in their winner... However I've done independent comparisons before and usually Norton/Symantec products come out on top... Lately however, others are starting to beat them.... Trend Micro for one.. This test was undoubtedly skewed because they would have taken malware that was easy to find... things that most people would already have in their signature databases... they should have gone with a list of rare malware... then again maybe they did... this is definately one place that lacked.. the details of malware that was used..

All in all I think it's fairly decent.... ZDNet has never been known for being technical... It's designed for IT Managers (you know.. the people that know nothing about IT) and higher-ups... For them I think it does the trick...

Peace,
HT

PS.... the load time on those pages definately sucks... I think that the internet connection to AU is a modem on each end with cans and a string in the middle to carry the sound.

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Actually we don't spell scientific like that over here. I will forgive you for your obvious lack of experience in software testing and selection and explain how it should be done

They should have taken specialist detectors such as Spybot, EWIDO, A-Squared, Pest Patrol etc. etc. and include them in the test as "controls".

It has obviously not occurred to you that the whole damn lot of those products might be total FUD, crud and bullcrap, and that none of them are worth a candle? Only by testing them against known, specialist performers will you find that out. If none of it is any damn good, who cares which is best or worst?

They should clearly and precisely state their test methodology and environment.

They should clearly state the precise malware that the products were tested against.

They should precisely tabulate the results each product obtained. Together with notes of any oddities and exceptions.

However I've done independent comparisons before and usually Norton/Symantec products come out on top

Would you care to post your detailed methodology and results, because you seem to be in a minority of one

All in all I think it's fairly decent.... ZDNet has never been known for being technical... It's designed for IT Managers (you know.. the people that know nothing about IT) and higher-ups... For them I think it does the trick...

Oh Dear! now that is sad?...............allow me to enlighten you regarding the world of publishing: It is more dependent on masonic lodges, brown envelopes on sub-editors' desks and advertising space booked, than it has to do with independent and rigorous scientific analysis.

if you didn't even look at the Testing Methodology....

Oh! I did, I did! "pathetic" is the word that comes to mind..............or "bent as a dog's hind leg"...........otherwise where are the details?

Question - has anyone had their organization declare and official "Spyware Solution?"

I know there is not "one tool to fix all", at least I have not seen it yet, but just wondering. So far, it looks like we need a cocktail of tools to address our issues.

\"We\'re the middle children of history.... no purpose or place. We have no Great War, no Great Depression. Our great war is a spiritual war. Our great depression is our lives. We\'ve all been raised by television to believe that one day we\'ll all be millionaires and movie gods and rock stars -- but we won\'t. And we\'re learning slowly that fact. And we\'re very, very pissed off.\" - Tyler (Brad Pitt) Fight Club.

Originally posted here by nihil
They should have taken specialist detectors such as Spybot, EWIDO, A-Squared, Pest Patrol etc. etc. and include them in the test as "controls".

You consider Pest Patrol to be a "control"???

It has obviously not occurred to you that the whole damn lot of those products might be total FUD, crud and bullcrap, and that none of them are worth a candle? Only by testing them against known, specialist performers will you find that out. If none of it is any damn good, who cares which is best or worst?

What makes those specialists??? They do a single task... no one said they did it well... If you want tried and true performers... Trend Micro's been around with House Call and their downloadable System Cleaner for quite some time.... AntiSpyware (Defender) has proven itself time and time again to be just as good as AdAware and Spybot.... AdAware and Spybot are usually the top two mentioned... AdAware was in there... How can you say that those few are controls... When there are plenty of well known Malware detection tools in the lot..

They should clearly and precisely state their test methodology and environment.

Malware in an IM/Email attachment? Now you want Real-Time protection... I've yet to see one that detects malware in attachments... However if you've got one, I'd love to give it a try.. The only real-time I've seen is with AV that detects some malware and with Anti-Spyware... As far as zipped folders... again... not a big deal in my opinion... If malware is zipped somewhere on your system, it's not affecting your system... It's almost like you've got Malware and Viruses/Worms mixed up.

They should clearly state the precise malware that the products were tested against.

I said this already..

They should precisely tabulate the results each product obtained. Together with notes of any oddities and exceptions.

This wasn't a study... it was a review... there were flaws (as I've stated) but it provided exactly what it claimed it would... a review of them... When was the last time you watched TV and saw a car show review a car and tabulate the results and compare with notes on oddities and exceptions? Reviews don't go that in depth.

Would you care to post your detailed methodology and results, because you seem to be in a minority of one

Quite simple.... I deployed a laptop on our troubled network and allowed it to be infected with everything floating around... Then I created a ghost image and kept reimaging the machine, cleaning it with a different product each time... Found the best one to clean the problems we had... and distributed to the students who have the problems... Sometimes you remind me of catch... A lot of knowledge... but living in a world of theory rather than reality.

Oh Dear! now that is sad?...............allow me to enlighten you regarding the world of publishing: It is more dependent on masonic lodges, brown envelopes on sub-editors' desks and advertising space booked, than it has to do with independent and rigorous scientific analysis.

I'm not even sure this has anything with my comment.

Oh! I did, I did! "pathetic" is the word that comes to mind..............or "bent as a dog's hind leg"...........otherwise where are the details?

One again, they provided a review exactly like they said.... Check out hardware reviews, networking reviews or book reviews... Reviews are subjective... not scientific... It's not a study... There's a big different.... As for you checking it... at the time of your last posting you hadn't.. so you had no right to call it pathetic...

Peace,
HT

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Amid the discussion of whether or not Nihil and HTRez agree with each other (or can find flaws in each others logic), I think GenXer asked a very good question.

Originally posted here by genXer Question - has anyone had their organization declare and official "Spyware Solution?"

I would be interested in the same thing. What is the stance of a few organizations?

-Deeboe

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War

I think you see the crux of the situation in its current state in the discussion between nihil and HT (both respected individuals who have strong opinions). There is no good industry standard by which to measure an enterprise anti-spyware installation, and the players have trouble agreeing on the criteria and testing methodology.

I know of a couple outfits who have adopted a "corporate" standard anti-spyware solution. My own take is that it is still too early to make those committments. The players need to decide that anything that installs, modifies and otherwise manipulates a personal system without the owner's knowledge, understanding or permission is spyware, no matter who it comes from or what its purpose. Some tend to think that their buddy's little app isn't spyware, while others tag it.

Agreement is coming ... sometime ... maybe sooner than later.

Once we are there, we can actually establish standards by which the tools can be measured.